2f134d8aa7979eea807d9d7e517cb1dd_mafia_JC[.]exe | Triage

Sharing

General

Target

2f134d8aa7979eea807d9d7e517cb1dd_mafia_JC.exe
Size

840KB
MD5

2f134d8aa7979eea807d9d7e517cb1dd
SHA1

deb14a364e26c3c7b8082a350c0fd6494be5d25a
SHA256

8ba76e26896db670a32b7c11ad8fe46d74b1786d95c637e27ac7d2d01030d010
SHA512

7afbda427c29ae3919439d8d01a591d14b09daf83d326d1497279bef36c4e15b7be6b7ddb664332559cb05b0ec013ff143e099bc62cc8158fcb135f4f7ed472e
SSDEEP

24576:9DDWfqlWNxed2eZLmIzDjLEIMkaBdJ4FWiZlWLggE9rEssA:FWfqkaDjAIBavJ4FwknEdA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f134d8aa7979eea807d9d7e517cb1dd_mafia_JC.exe

Files

2f134d8aa7979eea807d9d7e517cb1dd_mafia_JC.exe
.exe windows x86

06fa29813db6c1f98441703604fe5cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess

Sections

.text
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ